20-Minute Leaders“Astrix is going to be the glue between different cloud services.”
20-Minute Leaders
“Astrix is going to be the glue between different cloud services.”
With more end users within enterprises adding third-party apps to their platforms, the process of integrating technology has become more decentralized, says Alon Jackson, co-founder and CEO of Astrix Security.
With more end users within enterprises adding third-party apps to their platforms, the process of integrating technology has become more decentralized, says Alon Jackson, co-founder and CEO of Astrix Security. Yet security between different apps and cloud services is not well understood or monitored, which is why Astrix aims to be in this space in between. Jackson shares that he wants to give CISOs and security managers the tools to see what is going on between apps and enable productivity. When customers tell him this is exactly the tool they’ve been looking for, he says that is the best response possible. Jackson had an 11-year career in the IDF before joining Argus and getting some experience outside the world of 8200. Though his journey has been technology focused, he really gets excited about the people he’s impacted. As CEO, he most enjoys inspiring and motivating others.
Tell me a little bit about Astrix.
What really makes Astrix is of course the people. Not only good friends but amazing people and amazing technology. We are creating the first app-to-app security platform to really change how applications today integrate and connect to enterprises. You know how you have all these apps today on your mobile phone that ask for permissions to access your contacts or access your photos. It's really that, but on the enterprise level, with finding hundreds and thousands of such connections in between different third parties, in between different apps, to core systems of organizations. This is really what we are here to secure.
What has your own journey been like leading up to Astrix?
Before Astrix, actually I left 8200, the cyber security unit, and I joined Argus, an automotive cyber security company and I led the R&D group over there. I learned a lot there from an amazing group of founders. I think it was important for both myself and my partner, Idan [Gour], to leave the 8200 bubble and learn a thing or two outside in the industry before building our own baby.
Before that, over 11 years at 8200. I left as a major. I think 8200 is really the best school in the world for technology and management in stressful situations, uncertain situations. It's a good school to grow up as both a technologist and a manager.
When it comes to this professional world, where do you find your own joy and excitement if you look over these 15 years or so?
I think what I'm excited about the most is really the generations of team leaders and people that I've worked with. In Argus, I managed like four teams, and all team leaders are good friends of mine. Before that, at 8200, I managed a couple of teams with amazing people who you can see really progress. It's all about people and growing together, and growing your network together. Thinking about being a founder, it's really the opportunity to build something from the ground up.
What is the world that we are living in now that makes app-to-app security an important part of what's happening?
Apps are becoming more and more like platforms today. They enable end users to build and connect on top of them. This is important for large applications because it makes them sticky. Building on top of them makes them sure that we won't be able to leave very easily. It's a growth engine for them because there is a lot of innovation being built on top of these platforms. The end users today, they just add new apps from bottom up. IT is really democratizing. There is not always a security process when adding new third parties on top of enterprise accounts.
No app today has worth when in silo. Data only has worth when shared. This is the kind of world we live in where everything is interconnected with everything via API. This is the kind of world that Astrix is enabling to map, monitor, and secure.
When you think about where Astrix is coming into these organizations, what are some potential products that are relevant?
I think the easiest way to think about it is that there are so many solutions out there for user access, but there is nothing to help organizations today manage and secure all the non-user access that they have. The APIs really go under the radar. There is nothing to help security managers today get visibility into what's going on there. What we are doing in Astrix is enabling them for the first time to get their visibility, governance, and of course automatic remediation into how all their third-parties are interconnected with each other.
The last year was crazy in terms of different kinds of hacks. We had GitHub that was hacked via third-parties from Heroku and Travis-CI. We call it "service supply chain." That's the kind of hack of what's going on.
What's the reception like? Do CISOs and people just generally really understand the pain point here?
We are seeing the API ecosystem exploding, and the last attacks like in the last year are crazy. It's actually just a huge wave that on the one side, it's not a good thing, but it really means that there is a place for that. Today, when I ask the CISO, "Do you manage user access to your critical systems?" The answer is like, 99%, "Yes, of course I do." Then you ask, "Do you manage API access to your critical system?" They're like, "Jackson, what are you talking about?"
It's kind of that easy to understand that there is a big gap in most organizations simply because they don't have the tools to actually deal with it. A lot of the time they know that they have the problem. We did talk actually with some enterprises that really looked for this kind of tool, and they said, "This was something that we've been struggling with." That's, I think, the most amazing response a founder can get.
What is the vision for Astrix down the line and what is the impact this is going to have on the industry?
We are going into a world where we are going to have more and more third parties. The value is only provided when integrating them with each other and then playing with each other at the enterprise level. This is what pushes productivity forward. Astrix is really going to be the glue between all these different cloud services. Between them, that's a hard place to manage, especially for large organizations. You can't really stop the business from running forward. It's complex. It's a mess. We want to help CISOs and security managers progress from being gatekeepers into productivity enablers.
Take me into Alon's world of leadership, what have you learned over these years?
I think the most important thing I learned is letting go. Delegating and thinking, "Do I really have to be here? Do I have to be the one that does this?" This really empowers your folks to do more by themselves and really enables you to look forward.
I'm figuring out the best way to motivate other people through these short meetings, through the emails, through phone calls, WhatsApps, corridor, making coffee, talking with them in the morning. Understanding that the whole work and progress is done and is done not only in time, but also in the way and fashion that you believe that things should be done is very hard when you start managing managers and you are not the direct manager of the individual contributors.
Where do you find the most fulfillment?
Really it's people. First of all, I'd say my partner. Then we brought, more importantly maybe from the kind of technological diversity is the network diversity. Amazing people who kind of came very quick. Everything runs very fast when you have amazing people with you. Then amazing customers that really start up as good design partners, that you trust and you see eye to eye, and that believe in your ability to execute your vision. And then amazing investors. The guys from F2 here in Israel, and Bessemer also, followed by Venrock, a Bay Area VC fund, and some amazing cyber security angels that joined this round. It all comes down to people. I'm spending most of my time really talking, inspiring, motivating, pushing everyone forward. I think that's the main role, and that's what I enjoy the most.
Michael Matias, Forbes 30 Under 30, is a Venture Fellow at Innovation Endeavors as well as investment Venture Partner at Secret Chord and J-Ventures. He studies Artificial Intelligence and Human-Computer Interaction at Stanford University, and was an engineer at Hippo Insurance. Matias previously served as an officer in the 8200 unit. 20MinuteLeaders is a tech entrepreneurship interview series featuring one-on-one interviews with fascinating founders, innovators and thought leaders sharing their journeys and experiences.
Contributing editors: Michael Matias, Megan Ryan